Please amend claims 1, 21, 27, 33 and 36 as indicated below. 

1. (Currently amended) A method for automated discovery of data, comprising: 

producing a resource definition for at least one computer-implemented resource, 
wherein the at least one resource is at least one source resource containing 
a set of information objects, wherein each resource definition is a source 
resource definition, and wherein said producing comprises defining each 



at least one computcr - implomontod source resource containing a sot of 

information objocts , wherein the set of information objects defines a set of 
users , wherein said defining at l e ast on e comput e r impl e m e nt e d sourc e 



using the source resource definition for each at least one source resource to 
discover said set of users from said source resource; wherein said using 
the source resource definition is performed by a computer program 
process; 

defining an additional resource containing a second set of information objects, 
wherein each information object fi-om said second set of information 

objects corresponds to a user from said set of users, wherein said defining 
an additional resource produces an additional resource definition; 

using the additional resource definition to discover said second set of information 
objects fi'om said additional resource; wherein said using the additional 
resource definition is performed by the computer program process; and 
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generating and storing data specifying an association of each information object 
from said second set of information objects with the corresponding user 
from said set of users and with said additional resource; wherein said 
generating and said storing are performed by the computer program 
process. 

2. (Previously presented) The method of claim 1, fiirther comprising: 
defining a correlation rule; and 

associating each information object from said second set of information objects 
with the corresponding user from said set of users based on said 
correlation rule. 

3. (Original) The method of claim 1, fiirther comprising: 
defining a correlation rule; 

discovering said set of users from multiple source resources; and 

rejecting duplicate users from said set of users based on said correlation rule. 

4. (Original) The method of claim 1, fiirther comprising: 

creating a virtual identity for each user from said set of users, wherein each virtual 
identity includes an information object list associating at least one of said 
information objects from said second set of information objects with the 
corresponding user and with the said second resource. 

5. (Original) The method of claim 4, wherein said information object list 
comprises: 
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an information object name; and 

a resource name, wherein the resource name corresponds to the resource from 
which the information object corresponding to the information object 
name was discovered. 

6. (Original) The method of claim 1, further comprising: 
providing connection information for said source resource; and 
providing connection information for said additional resource. 

7. (Original) The method of claim 6, wherein the connection information for 
said source resource includes a hostname, a port, a usemame and a password and wherein 
the connection information for said additional resource includes a hostname, a port, a 
usemame and a password. 

8. (Original) The method of claim 1, further comprising defining a schema map, 
wherein the schema map maps an attribute from said source resource to a virtual 
attribute. 

9. (Original) The method of claim 1, further comprising a schema map, wherein 
said schema map maps an attribute from said additional resource to a virtual attribute. 

10. (Original) The method of claim 9, further comprising: 

creating a virtual identity for each user from said set of users, wherein each virtual 
identity includes an information object list associating at least one of said 
information objects from said second set of information objects with the 
corresponding user. 
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11. (Previously presented) The method of claim 10, wherein said information 
object list comprises: 



an information object name; and 

a resource name, wherein the resource name corresponds to the resource from 
which the information object corresponding to the information object 
name was discovered. 

12. (Previously presented) A method of discovering users and accounts, 
comprising: 

defining at least one computer-implemented source resource containing a first set 
of user accounts from which a set of users are discoverable, wherein said 
defining produces a definition for each at least one source resource; 

using the definition for each at least one source resource to discover said set of 
users based on said set of user accounts; wherein said using is performed 
by a computer program process; and 

generating and storing data specifying an association of each user account from 
said first set of user accounts with the corresponding user and with said 
source resource; wherein said generating and said storing are performed 
by the computer program process. 

13. (Original) The method of claim 12, wherein said first set of user accounts 
resides on multiple source resources, further comprising: 

defining a correlation rule; 
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discovering said set of users from said multiple source resources; and 
rejecting duplicate users according to said correlation rule. 

14. (Original) The method of claim 12, further comprising: 

defining an additional resource containing a second set of user accounts, wherein 
each user account from said second set of user accounts corresponds to a 
user from said set of users; 

discovering said second set of user accounts based on said additional resource 
definition; and 

associating each of said second set of user accounts with the corresponding user 
from said set of users and with said additional resource. 

15. (Original) The method of claim 14, further comprising: 
defining a correlation rule; 

associating each of said second set of user accounts with a user from said set of 
users based on said correlation rule. 

16. (Previously presented) The method of claim 15, further comprising: 

creating a virtual identity for each user, wherein said virtual identity includes an 
account list associating resource accounts to the corresponding user. 

17. (Original) The method of claim 14, further comprising identifying said 
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18. (Original) The method of claim 14, further comprising defining a schema 
map for said additional resource. 

19. (Original) The method of claim 18, fiirther comprising mapping an attribute 
from said second set of resource accounts to a virtual attribute. 

20. (Original) The method of claim 12, further comprising defining one or more 
roles for one or more users. 

21. (Currently amended) A system for discovering information on a network, 
comprising: 

a computer readable medium memory : and 

a software program stored on said computer readable medium memory and 
executable by a computer processor to: 

receive a first resource definition, wherein said first resource contains a 
first set of information objects from which a set of users are 
discoverable; 

connect to said first resource; 

discover said user names; 

receive a second resource definition, wherein said second resource 
contains a second set of information objects and wherein each of 
said second set of information objects corresponds to a user from 
said set of users; 

discover said second set of information objects from said second resource; 



10/006,763 (5681-96801/SUN040711) 



7 



Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C. 



associate each information object from said second set of information 
objects with the corresponding user; and 

store data specifying an association of each information object from said 
second set of information objects with the corresponding user. 

22. (Original) The system of claim 21, wherein said software program is fiirther 
executable to: 

receive a correlation rule; and 

associate each information object from said second set of information objects with 
the corresponding user based on said correlation rule. 

23. (Original) The system of claim 21, fiirther comprising: 

receiving a schema map for said second resource, wherein said schema map maps 
attributes from said second resource to virtual attributes. 

24. (Original) The system of claim 23, wherein said virtual attributes are stored 
an identity index. 

25. (Original) The system of claim 21, fiirther comprising creating a virtual 
identity for each user from said set of users. 

26. (Original) The system of claim 25, wherein said virtual identity includes an 
information object list associating said user with corresponding information objects. 

27. (Currently amended) A system for discovering information on a network, 
comprising: 
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a computer readable medium memory ; and 



a software program stored on said computer readable medium memory and 
executable by a computer processor to: 

receive a first resource definition, wherein said first resource contains a 
first set of resource from which a set of users are discoverable; 

connect to said first resource; 

discover said user names; 

receive a second resource definition, wherein said second resource 
contains a second set of resource accounts and wherein each of 
said second set of resource accounts corresponds to a user from 
said set of users; 

discover said second set of resource accounts from said second resource; 

associate each resource account from said second set of resource accounts 
with the corresponding user; and 

store data specifying an association of each resource account from said 
second set of resource accounts with the corresponding user. 

28. (Original) The system of claim 27, wherein said software program is further 
executable to: 

receive a correlation rule; and 
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associate each resource account from said second set of resource accounts with 
the corresponding user based on said correlation rule. 

29. (Original) The system of claim 27, further comprising: 

receiving a schema map for said second resource, wherein said schema map maps 
attributes from said second resource to virtual attributes. 

30. (Original) The system of claim 29, wherein said virtual attributes are stored 
an identity index. 

3 1 . (Original) The system of claim 27, fiirther comprising creating a virtual 
identity for each user from said set of users. 

32. (Previously presented) The system of claim 31, wherein said virtual identity 
includes a resource account list associated said user with corresponding resource 
accounts. 

33. (Currently amended) A method for automated discovery of data, comprising: 

receiving from a first administrator a definition of at least one computer- 
implemented sourc e resource containing a set of information objects, 
wherein the set of information objects defines a set of users , and wherein 
the at least one resource is at least one source resource : 

using the definition of the at least one source resource to discover said set of users 
from said source resource; wherein said using the definition of the at least 
one source resource is performed by a computer program process; 

receiving from said first administrator a definition of a second resource containing 
a second set of information objects, wherein each information object from 
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said second set of information objects corresponds to a user from said set 
of users; 

using the definition of the second resource to discover said second set of 
information objects from said second resource; wherein said using the 
definition of the second resource is performed by the computer program 
process; and 

generating and storing data specifying an association of each information object 
from said second set of information objects with the corresponding user 
from said set of users; wherein said generating and said storing are 
performed by the computer program process. 

34. (Original) The method of claim 33, fiirther comprising: 

receiving from a second administrator a definition of at least one additional 
resource containing a third set of information objects, wherein each 
information object from said third set of information objects corresponds 
to a user from said set of users; 

associating each information object from said third set of information objects with 
the corresponding user from said set of users. 

35. (Original) The method of claim 34, fiirther comprising, receiving a stray 
account definition from an end user. 

36. (Currently amended) A method for discovering information, comprising: 

receiving a souroo resource definition from a first administrator, wherein the 
resource definition is a source resource definition for a source resource. 
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wherein a set of users are discoverable from said source resource, wherein 
said source resource is a computer-implemented resource; 

using the source resource definition to discover said set of users from said source 
resource; wherein said using the source resource definition is performed 
by a computer program process; 

receiving an additional resource definition for an additional resource from a 
second adminisfrator, wherein said additional resource contains 
information objects corresponding to each user from said set of users; 

using the additional resource definition to discover said information objects from 
said additional resource; wherein said using the additional resource 
definition is performed by the computer program process; and 

generating and storing data specifying an association of said information objects 
with said users from said set of users; wherein said generating and storing 
are performed by the computer program process. 

37. (Original) The method of claim 36, wherein said information objects 
comprise user accounts. 

38. (Previously presented) The method of claim 36, fiirther comprising, 
receiving a user resource definition from an end-user, wherein said user resource contains 
an additional information object corresponding to said user; and 

associating said additional information object with said user. 

39. (Original) The method of claim 38, wherein said additional information 
object comprises a user account. 
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40. (Original) The method of claim 38, further comprising: 

requiring authentication from said user before associating said additional 
information object with said user. 

41. (Previously presented) A method for discovering data, comprising: 

defining a computer-implemented first resource containing information objects 
defining at least one user from a set of users, wherein said defining 
produces a definition for the first resource; 

using the definition to discover said information objects based on said first 
resource definition; wherein said using is performed by a computer 
program process; 

generating and storing data specifying an association of each of said information 
objects with a user from said set of users and with said first resource; 
wherein said generating and storing are performed by the computer 
program process. 

42. (Original) The method of claim 41 wherein said resource comprises a source 
resource. 

43. (Original) The method of claim 41, further comprising: 
defining a source resource; and 

discovering said set of users from said source resource. 

44. (Original) The method of claim 41, wherein said information objects 
comprise user accounts. 
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45. (Original) The method of claim 44, further comprising: 

creating a virtual identity for each user from said set of users; 

maintaining a resource account list for each virtual identity, wherein the resource 
account list for each virtual identity lists the resource accounts with which 
the corresponding user is associated and the resource from which each 
resource account was discovered. 

46. (Original) The method of claim 45, further comprising: 

defining a schema map for said first resource, wherein said schema map maps an 
attribute from said first resource to a virtual attribute. 

47. (Original) The method of claim 41, further comprising, defining a role for at 
least one user from said set of users. 

48. (Previously presented) A method of discovering information, comprising: 

receiving a first resource definition from a first administrator, wherein said first 
resource contains a first set of information objects defining at least one 
user from a set of users, wherein said first resource is a computer- 
implemented resource; 

receiving a second resource definition from a second administrator, wherein said 
second resource contains a second set of information objects defining at 
least one user from said set of users; 
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using the first resource definition to discover said first set of information objects 
from said first resource; wherein said using the first resource definition is 
performed by a computer program process; 

generating and storing data specifying an association of each information object 
from said first set of information objects with at least one user from said 
set of users and with said first resource; wherein said generating and 
storing are performed by the computer program process; 

using the second resource definition to discover said second set of information 
objects from said second resource; wherein said using the second resource 
definition is performed by the computer program process; and 

generating and storing data specifying an association of each information object 
from said second set of information objects with at least one user from 
said set of users and with said second resource; wherein said generating 
and storing are performed by the computer program process. 

49. (Original) The method of claim 48, fiirther comprising: 

receiving a first source resource definition from said first administrator, wherein 
said source resource contains information objects defining at least a first 
portion of said set of users; and 

discovering at least said first portion of said set of users from said first source 
resource. 

50. (Original) The method of claim 49, fiirther comprising: 
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receiving a second source resource definition fi-om said second administrator, 
wherein said second source resource contains information objects defining 
at least a second portion of said set of users; and 

discovering at least said second portion of said set of users fi-om said second 
source resource. 

5 1 . (Original) The method of claim 50, fiirther comprising: 

receiving a third resource definition from an end-user, wherein said third resource 
contains a stray information object; 

discovering said stray information object from said third resource; and 

associating said sfray information object with said end-user and with said third 
resource. 

52. (Previously presented) A method for discovering information, comprising: 

defining a plurality of computer-implemented resources, wherein each of the 
plurality of resources contains a set of information objects defining at least 
one user from a set of users, wherein said defining produces a definition 
for each of the resources; 

using each definition to discover said sets of information objects from each of the 
plurality of resources; wherein said using each definition is performed by 
a computer program process; and 

generating and storing data specifying an association of each information object 
from said sets of information objects with a user from said set of users and 
with the resource from which the corresponding information object was 
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discovered; wherein said generating and storing are performed by the 
computer program process. 

53. (Original) The method of claim 52, further comprising: 

defining at least one source resource from which said set of users are 
discoverable; and 

discovering said set of users from said at least one source resource. 

54. (Original) The method of claim 53, further comprising: 

associating each source resource information object from a set of source resource 
information objects with a user from said set of users and with said source 
resource, wherein said source resource fiirther comprises said set of source 
resource information objects defining said set of users. 

55. (Original) The method of claim 52, further comprising: 
defining a correlation rule; and 

associating each information object from said sets of information objects with a 
user based on said correlation rule. 

56. (Original) The method of claim 52, wherein each information object 
comprises a resource account. 

57. (Original) The method of claim 56, fiirther comprising creating a virtual 
identity for each user, wherein each said virtual identity comprises a resource account list 
comprising a list of information objects associated with the corresponding user and the 
resource from which each such information object was discovered. 
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58. (Original) The method of claim 52, further comprising providing connection 
information for each of the plurality of resources. 

59. (Original) The method of claim 52, further comprising defining at least one 
role for at least one user from said set of users, wherein said at least one role defines a set 
of resources from said plurality of resources from which information objects will be 
discovered for the corresponding user. 



10/006,763 (5681-9680 1/SUN040711) 



Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C. 



